
A company has deployed its newest product on AWS. The product runs in an Auto Scaling group behind a Network Load Balancer. The company stores the product's objects in an Amazon S3 bucket.
The company recently experienced malicious attacks against its systems. The company needs a solution that continuously monitors for malicious activity in the AWS account, workloads, and access patterns to the S3 bucket. The solution must also report suspicious activity and display the information on a dashboard.
Which solution will meet these requirements?
A. Configure Amazon Macie to monitor and report findings to AWS Config.
B. Configure Amazon Inspector to monitor and report findings to AWS CloudTrail.
C. Configure Amazon GuardDuty to monitor and report findings to AWS Security Hub.
D. Configure AWS Config to monitor and report findings to Amazon EventBridge.
Explanation:
Amazon GuardDuty is the correct solution because:
Continuous monitoring for malicious activity: GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior in AWS accounts, workloads, and S3 data access patterns.
Comprehensive threat detection: GuardDuty analyzes:
Integration with AWS Security Hub: GuardDuty can send findings to AWS Security Hub, which provides a centralized dashboard for viewing security findings from multiple AWS security services.
S3 bucket monitoring: GuardDuty specifically monitors S3 data events for suspicious access patterns, which addresses the requirement to monitor access patterns to the S3 bucket.
Why the other options are incorrect:
A. Amazon Macie: Macie is focused on data security and privacy, specifically for discovering and protecting sensitive data in S3. While it can detect unusual access patterns, it doesn't provide comprehensive monitoring of AWS account workloads and malicious activity across the entire infrastructure.
B. Amazon Inspector: Inspector is an automated vulnerability management service that assesses applications for exposure, vulnerabilities, and deviations from best practices. It doesn't continuously monitor for malicious activity or suspicious access patterns to S3 buckets.
D. AWS Config: Config is a service for assessing, auditing, and evaluating AWS resource configurations for compliance. While it can track configuration changes, it doesn't monitor for malicious activity or suspicious access patterns in real time.
Key AWS Services: